Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          YDbIRgKugQWsEorSpyLmU3iAPeQqQgdxnFGJJXJP/G0=
Subject key identifier:   ED:D3:53:B4:66:2E:2F:44:66:EE:82:50:1B:DF:8F:94:C0:1F:28:FA
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       019892C9D146A593A5FD0CC8F8CB31CD8201
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0944
Signing time:             Sun 10 Aug 2025 07:02:36 +0000
Manifest this update:     Sun 10 Aug 2025 07:02:36 +0000
Manifest next update:     Mon 11 Aug 2025 07:02:36 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: N8jF78CojxHQ/+0cqNiBDiDybN71tSBx6NYaC+5olWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 07:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:c9:d1:46:a5:93:a5:fd:0c:c8:f8:cb:31:cd:82:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Aug 10 07:02:36 2025 GMT
            Not After : Aug 11 07:02:36 2025 GMT
        Subject: CN=edd353b4662e2f4466ee82501bdf8f94c01f28fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f4:1f:50:a4:04:ea:21:4b:36:ea:93:23:d9:
                    5f:cd:f4:a6:51:76:97:54:f6:51:e2:80:c4:af:98:
                    75:2b:6d:3f:db:52:57:0f:89:41:b2:32:34:fa:3f:
                    cf:52:ae:e6:82:d3:ee:6d:a1:c6:0b:78:f7:63:b7:
                    d4:c0:5c:09:a4:35:02:96:d5:02:57:69:76:84:95:
                    50:67:af:c4:d9:57:3b:12:a2:be:f1:9f:6e:3e:ef:
                    c0:ae:1c:9d:1f:1f:03:3d:5b:52:84:bd:07:86:f4:
                    45:a2:d0:97:31:d9:ec:ac:76:28:f6:c5:f9:54:54:
                    51:92:d1:63:e5:b5:08:03:ca:f6:76:ab:aa:86:ac:
                    1c:a6:81:bd:36:3d:b3:9c:77:8c:6d:11:1b:7b:0e:
                    3f:c1:8c:02:da:29:5b:54:1d:e5:cd:5e:86:bf:e4:
                    ec:43:8c:81:78:62:16:17:ea:9b:fe:ac:b5:de:36:
                    94:a7:0d:f8:9b:cc:21:58:62:c9:16:0c:6b:e0:7a:
                    e8:6a:9e:4c:31:ef:fc:42:da:4c:79:c7:60:1d:8e:
                    1f:1e:b0:17:31:ae:4b:56:a7:4b:09:50:e5:01:8e:
                    c9:0d:0e:c8:5a:4f:fc:69:70:a4:b4:e7:dd:bd:20:
                    58:3a:c3:65:f9:8f:43:62:70:77:e2:66:79:c0:d9:
                    d8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D3:53:B4:66:2E:2F:44:66:EE:82:50:1B:DF:8F:94:C0:1F:28:FA
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:9a:9b:c5:e4:81:41:bb:aa:7b:ad:c0:7c:f7:58:4a:85:f6:
         5f:26:8c:8b:55:c2:88:f5:75:4f:16:91:5e:0e:db:4f:77:f4:
         b8:d6:37:e0:01:9d:5c:ca:6e:40:bb:f0:fb:7a:95:80:65:16:
         9a:a8:f9:b7:7c:dd:cd:ce:6f:29:09:fd:1f:19:8e:ac:16:16:
         85:79:02:67:3b:80:68:82:42:80:ab:8b:c9:ea:1e:79:e2:16:
         10:b1:e6:56:b3:16:2e:29:24:4d:ed:74:98:33:d8:df:a4:cc:
         cb:2a:a3:06:57:3b:3a:db:7a:a3:a3:0b:bb:93:1a:70:70:68:
         4d:69:16:7e:c7:c5:b1:a7:5f:ee:3f:50:1a:f8:1b:5f:6d:ec:
         e8:f1:36:c7:2b:ab:37:41:4c:67:21:19:40:26:de:e7:cd:b4:
         71:74:df:2a:10:fb:08:06:10:36:75:98:5c:3c:9d:18:52:1c:
         8d:c4:74:f1:0d:50:92:b3:6c:59:c8:68:f9:13:8c:ee:0f:9e:
         4d:6f:63:2d:6d:c6:c8:26:a0:57:12:1d:92:83:9c:04:61:ad:
         61:9e:d1:5e:1b:5c:3b:f6:fd:3f:23:9e:89:b1:8d:e8:d6:88:
         8d:48:38:1c:e6:57:ae:81:1e:32:99:7a:84:f9:3e:7b:a0:26:
         00:70:97:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSydFGpZOl/QzI+MsxzYIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjUwODEwMDcwMjM2WhcNMjUwODExMDcwMjM2WjAzMTEwLwYDVQQD
EyhlZGQzNTNiNDY2MmUyZjQ0NjZlZTgyNTAxYmRmOGY5NGMwMWYyOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/QfUKQE6iFLNuqTI9lfzfSmUXaX
VPZR4oDEr5h1K20/21JXD4lBsjI0+j/PUq7mgtPubaHGC3j3Y7fUwFwJpDUCltUC
V2l2hJVQZ6/E2Vc7EqK+8Z9uPu/ArhydHx8DPVtShL0HhvRFotCXMdnsrHYo9sX5
VFRRktFj5bUIA8r2dquqhqwcpoG9Nj2znHeMbREbew4/wYwC2ilbVB3lzV6Gv+Ts
Q4yBeGIWF+qb/qy13jaUpw34m8whWGLJFgxr4Hroap5MMe/8QtpMecdgHY4fHrAX
Ma5LVqdLCVDlAY7JDQ7IWk/8aXCktOfdvSBYOsNl+Y9DYnB34mZ5wNnYqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3TU7RmLi9EZu6CUBvfj5TAHyj6MB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsZqbxeSB
Qbuqe63AfPdYSoX2XyaMi1XCiPV1TxaRXg7bT3f0uNY34AGdXMpuQLvw+3qVgGUW
mqj5t3zdzc5vKQn9HxmOrBYWhXkCZzuAaIJCgKuLyeoeeeIWELHmVrMWLikkTe10
mDPY36TMyyqjBlc7Ott6o6MLu5MacHBoTWkWfsfFsadf7j9QGvgbX23s6PE2xyur
N0FMZyEZQCbe5820cXTfKhD7CAYQNnWYXDydGFIcjcR08Q1QkrNsWcho+ROM7g+e
TW9jLW3GyCagVxIdkoOcBGGtYZ7RXhtcO/b9PyOeibGN6NaIjUg4HOZXroEeMpl6
hPk+e6AmAHCX9A==
-----END CERTIFICATE-----